
Ensure domains are not too long

Miraty 2 سال پیش
والد
کامیت
813927e03e
4فایلهای تغییر یافته به همراه8 افزوده شده و 5 حذف شده
  1. 3 2
      fn/dns.php
  2. 3 1
      fn/ht.php
  3. 1 1
      pg-act/ns/edit.php
  4. 1 1
      pg-view/ns/caa.php

+ 3 - 2
fn/dns.php

@@ -8,7 +8,8 @@ function parseZoneFile($zone_content, $types, $filter_domain = false) {
 		$elements = preg_split('/[\t ]+/', $zone_line, 4);
 		if ($filter_domain !== false AND !str_ends_with($elements[0], $filter_domain))
 			continue; // Ignore records for other domains
-		if (!in_array($elements[2], $types, true)) continue; // Ignore records generated by Knot
+		if (!in_array($elements[2], $types, true))
+			continue; // Ignore records generated by Knot
 		array_push($parsed_zone_content, array_map('htmlspecialchars', $elements));
 	}
 	return $parsed_zone_content;
@@ -63,7 +64,7 @@ function checkIpFormat($ip) {
 }
 
 function checkAbsoluteDomainFormat($domain) { // If the domain must end with a dot
-	if (!filter_var($domain, FILTER_VALIDATE_DOMAIN) OR preg_match('/^([a-z0-9_-]{1,63}\.){2,127}$/D', $domain) !== 1)
+	if (!filter_var($domain, FILTER_VALIDATE_DOMAIN) OR preg_match('/^(?=^.{1,254}$)([a-z0-9_-]{1,63}\.){2,127}$/D', $domain) !== 1)
 		output(403, _('Domain malformed.'));
 }
 

+ 3 - 1
fn/ht.php

@@ -22,9 +22,11 @@ function htSetupUserFs($id) {
 		output(500, 'Can\'t create Tor keys directory.');
 }
 
+
+
 function checkDomainFormat($domain) {
 	// If the domain must end without a dot
-	if (!filter_var($domain, FILTER_VALIDATE_DOMAIN) OR !preg_match('/^([a-z0-9_-]{1,63}\.){1,126}[a-z0-9]{1,63}$/D', $domain))
+	if (!filter_var($domain, FILTER_VALIDATE_DOMAIN) OR !preg_match('/^(?=^.{1,254}$)([a-z0-9_-]{1,63}\.){1,126}[a-z0-9]{1,63}$/D', $domain))
 		output(403, _('Domain malformed.'));
 }
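Review bot: The new lookahead in checkDomainFormat allows 254 characters, but this function handles names written without the trailing dot, whose maximum is 253; 254 is only right for checkAbsoluteDomainFormat in fn/dns.php, where the final dot is counted. I would write the lookahead here as `(?=.{1,253}$)` (the inner `^` is redundant directly after the pattern's own `^`) and add a comment such as `// 253 = longest domain name without the root dot`. The preceding filter_var() call may already reject over-long names, so the effect is probably masked, but the regex should state the correct bound on its own. The two blank lines added above the function are unrelated to the change.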
 

+ 1 - 1
pg-act/ns/edit.php

@@ -17,7 +17,7 @@ if (isset($_POST['zone-content'])) { // Update zone
 		output(403, sprintf(_('The zone is limited to %s characters.'), ZONE_MAX_CHARACTERS));
 	foreach (explode("\r\n", $_POST['zone-content']) as $line) {
 		if ($line === '') continue;
-		if (preg_match('/^(?<domain>[a-z0-9@._-]+)(?:[\t ]+(?<ttl>[0-9]{1,16}))?(?:[\t ]+IN)?[\t ]+(?<type>[A-Z]{1,16})[\t ]+(?<value>.+)$/D', $line, $matches) !== 1)
+		if (preg_match('/^(?<domain>[a-z0-9@._-]{1,256})(?:[\t ]+(?<ttl>[0-9]{1,16}))?(?:[\t ]+IN)?[\t ]+(?<type>[A-Z]{1,16})[\t ]+(?<value>.+)$/D', $line, $matches) !== 1)
 			output(403, _('The following line does not match the expected format: ') . '<code>' . htmlspecialchars($line) . '</code>');
 		if (in_array($matches['type'], ALLOWED_TYPES, true) !== true)
 			output(403, sprintf(_('The %s type is not allowed.'), '<code>' . $matches['type'] . '</code>'));
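Review bot: The `{1,256}` bound on the `domain` group is looser than the 254-character limit this same commit puts in checkAbsoluteDomainFormat, so a 255- or 256-character owner name still passes this line filter. If the captured name is not passed through that check later (the rest of the loop is outside the hunk), I would use `{1,254}` here. A relative name can also exceed the limit once the zone origin is appended, so the length is best checked on the fully qualified name. The `foreach` body continues past the last visible line.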

+ 1 - 1
pg-view/ns/caa.php

@@ -6,7 +6,7 @@
 	<br>
 	<label for="tag"><?= _('Tag') ?></label>
 	<br>
-	<input id="tag" minlenght="1" maxlength="128" pattern="^[a-z]{1,128}$" placeholder="issue" name="tag" type="text">
+	<input id="tag" minlenght="1" maxlength="128" pattern="^[a-z]{1,127}$" placeholder="issue" name="tag" type="text">
 	<br>
 	<label for="value"><?= _('Value') ?></label>
 	<br>
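Review bot: `maxlength="128"` on the changed `<input>` no longer agrees with the new `{1,127}` pattern, and `minlenght` is misspelled, so browsers ignore it. I would change the attributes to `minlength="1" maxlength="127"`. These attributes only guide the browser; the handler that receives `tag` (not shown in this hunk) has to enforce the same bound itself.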